class AccountController < ApplicationController
  
  before_filter :authorize, :except => :login
  
  def login
    if request.post?
      user = User.authenticate(params[:username],params[:password])
      if user
        session[:user_id] = user.id
        user.chatroom = nil
        user.save
        clean_up
        redirect_to :controller => :chat
      else
        flash[:notice] = "Wrong username/password!"
        redirect_to :controller => :welcome
      end
    end
  end
  
  def logout
    session[:user_id] = nil
    redirect_to :controller => :welcome
  end
  
  
end
